Missouri’s age verification law, enacted on November 30, is the halfway mark for the sweep of age verification laws across the country.

As of this week, half of the states in the U.S. are under restrictive age verification laws that require adults to hand over their biometric and personal identification to access legal porn.

Missouri became the 25th state to enact its own age verification law on Sunday. As it’s done in multiple other states, Pornhub and its network of sister sites—some of the largest adult content platforms in the world—pulled service in Missouri, replacing their homepages with a video of performer Cherie DeVille speaking about the privacy risks and chilling effects of age verification.

Archive: http://archive.today/uZB13

  • renegadespork@lemmy.jelliefrontier.net
    English
    71·
    5 hours ago

    Clearly, no-one involved in making these laws has ever heard of OAuth. Not every single site needs to manage your identity / credentials. The government already has this info, they can be the identity provider and use OAuth to grant access to age-gated resources without giving any personal data to the platform. Someone mentioned id.me, and I’m pretty sure that’s how that platform works, though they’re a private entity if I understand their site correctly.

    I know most politicians are comically tech-illiterate, but it’s so frustrating to see them constantly implement terrible solutions to already solved problems without asking a single expert who knows how this shit works.

    That being said, California passed a bill with a not perfect, but better approach. User age is configured on the OS level when a user account is set up, and then it will tell platforms what age category the user belongs to, and nothing more:

    (a) An operating system provider shall do all of the following:

    (1) Provide an accessible interface at account setup that requires an account holder to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user’s age bracket to applications available in a covered application store.

    (2) Provide a developer who has requested a signal with respect to a particular user with a digital signal via a reasonably consistent real-time application programming interface that identifies, at a minimum, which of the following categories pertains to the user:

    (A) Under 13 years of age.

    (B) At least 13 years of age and under 16 years of age.

    © At least 16 years of age and under 18 years of age.

    (D) At least 18 years of age.

    (3) Send only the minimum amount of information necessary to comply with this title and shall not share the digital signal information with a third party for a purpose not required by this title.

    I think iOS already does this, actually.

    • Crozekiel@lemmy.zipEnglish
      12·
      4 hours ago

      The CA bill is also dystopian nightmare fuel… The US isn’t going to build an enormous firewall like other countries have, we are just going to pass a bunch of stupid laws and threaten companies to block our citizens from access instead. Put the burden of building the wall on someone else, the modern American Way™!

      An entire generation of fuck-wad parents that just gave their kid a tablet and zero supervision instead of actually raising them are now using their failings as an excuse to control the population; control their devices, control their habits, control their knowledge, and control their thoughts.

      • renegadespork@lemmy.jelliefrontier.net
        English
        4·
        4 hours ago

        The bill I mentioned actually relies on parents configuring their kid’s devices. The system it describes just gives online (and even offline) platforms a standardized way of asking the OS what age category a user is as defined at account setup–hardly “dystopian nightmare fuel”…

        This isn’t going to stop unsupervised children, which is it’s own problem that technology doesn’t (and probably can’t) solve.

        • Crozekiel@lemmy.zipEnglish
          2·
          2 hours ago

          It requires every Operating System and “App Store” to know the user’s age. It requires every piece of software installed to receive the age-range token. It could be catastrophically bad for the open source community - the bill does nothing to define how these tokens are communicated and received. The largest players in the industry can use their market share to exert control over how it happens and bully anyone that doesn’t get on board. For example, Google could tie it to the Play Integrity/Services and effectively kill 3rd party roms and possibly even open source app stores like fdroid, or all side-loading entirely if it was tied into the Play Store enough.

          The bill isn’t specifically a privacy dystopian nightmare, but it is still a dystopian nightmare. We need the government and mega-corps to have less influence and control over our devices, this gives them more.

    • fuzzzerd@programming.devEnglish
      9·
      5 hours ago

      While true, a government IDP would still be able to track what sites you’re using your tokens at, which is not great.

      • renegadespork@lemmy.jelliefrontier.net
        English
        2·
        5 hours ago

        Agreed, but you’d think they would prefer that. The way it is now, they have no way of knowing which platforms have your government IDs.

        Though, let’s be real, all they need to do is pay a data broker for the tracking data that’s already being collected everywhere.

      • Peruvian_Skies@sh.itjust.worksEnglish
        1·
        2 hours ago

        By creating a plaintext dotfile in $HOME, I’d reckon. Minimum effort, gets the job done. Users can lie when setting up the account so protecting the file against tampering is pointless.

        But more likely, not a single distro will implement anything by default because it doesn’t make sense to change your internationally-distributed OS because one state in one country passed a stupid law.